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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). tn no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )£3 Responsive to communication(s) filed on 23 September 2004 . 
2a)^ This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-79 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E3 Claim(s) 1-75,78 and 79 is/are rejected. 

7) ^ Claim(s) 76 and 77 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)^ The drawing(s) filed on 30 January 2001 is/are: a)El accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)Q Some * c)D None of: 

1 0 Certified copies of the priority documents have been received. 

2.Q Certified copies of the priority documents have been received in Application No. . 

3-D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1 ) ^ Notice of References Cited (PTO-892) 4) O Interview Summary (PTO-413) 

2) □ Notice of DraftspersoiYs Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 

3) □ Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 5) □ Notice of Informal Patent Application (PTO-152) 

Paper No(s)/Mail Date . 6) O Other: . 



U.S. Patent and Trademark Office 
PTOL-326 (Rev. 1-04) 



Office Action Summary 



Part of Paper No./Mail Date 20050228 



Application/Control Number: 09/773,256 Page 2 

Art Unit: 2134 

DETAILED ACTION 



1 . Claims 1-79 are pending. 

2. Amendment submitted 23 September 2004 has been entered. 

Claim Objections 

3. Claim 76 is objected to because of the following informalities: The cited claim 
contains an inadvertent period on line 4 and appears to inadvertently include the 
limitation "to an authorization provider of the originating prior requestor module." 
Appropriate correction is required. 

Response to Arguments 



4. Applicant's arguments filed 9/23/2004 have been fully considered but they are 
not persuasive. 

5. Applicant has argued on page 16 that the Lipkin reference (US Patent No. 
6,138,235) fails to teach the limitation "determining that the requesting module owns the 
certificate" as presented in claim 2. Examiner respectfully disagrees. Examiner 
contends that Lipkin does teach the determining that the requesting module owns the 
certificate (Lipkin, column 7 lines 15-33, column 5 lines 7-16). Lipkin teaches that each 
requesting module has its own public/private key pair and certificate (Lipkin, column 7 
lines 15-19) and when a request is made a determining step is performed to ensure that 
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that certificates are signed by proper private keys. Hence, verification is performed to 
ensure that the requesting module owns the public key/private key of the certificate 
(Lipkin column 5 lines 5-16). 

6. Applicant's argument on page 17 regarding claims 2, 12, and 27 are moot in view 
of the new grounds of rejection. 

7. Applicant has argued on page 18 that the Lipkin reference fails to teach, 
"receiving specified parameters from the requesting module including an authorization 
interface of the requesting module and an authorization interface of an original 
requestor module if applicable." Examiner respectfully disagrees. Examiner contends 
that Lipkin teaches an authorization interface (Figure 1 , items 112 and 122) and sends 
parameters in the form of a role and certificates representing the requesting module 
(Lipkin, column 7 lines 15-39). 

8. Applicant has argued in page 1 8, in regards to claims 38, 51 , that the Lipkin 
reference fails to teach the interaction between three or more computer program 
modules involving a request to access a service from one of the three or more computer 
program modules. Examiner notes that the presented claimed limitations do not require 
three or more computer program modules. Instead, the presented limitations require 
only a requesting module and an adjunct program module. The indirect requestor is not 
presently required to be a module. 

9. Applicant's arguments on page 18 regarding claim 63 are moot in view of the 
new grounds of rejection. 
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Claim Rejections - 35 USC § 102 

10. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

1 1 . Claims 1,3,11,13-16, 24, 28, 36, 38-41 , 49, 52-53, 61 , 64-66, and 74 are 
rejected under 35 U.S.C. 1 02(e) as being anticipated by Lipkin et al US Patent No. 
6,138,235. Lipkin discloses a system for controlling access to services between 
modular applications. 

12. With regards to claims 1 , 26, 39, and 64, Lipkin teaches the receiving of a 
request from a requesting module (Lipkin, column 7 lines 29-32, column 3 lines 58-60), 
receiving a certificate from the requesting module (Lipkin, column 7 lines 31-42), 
determining whether the certificate authorizes processing in response to the request 
(Lipkin, column 7 lines 35-39), and processing according to programming of the adjunct 
program module in response to the request upon a condition in which the certificate 
authorizes processing in response to the request (Lipkin, column 7 lines 47-53 and lines 
4-6). 

13. With regards to claims 13, 38, Lipkin teaches receiving of a request from a 
requesting module (Lipkin, column 7 lines 29-32, column 3 lines 58-60), receiving 
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specified parameters from the requesting module including an authorization interface of 
the requesting module and an authorization interface of an original requestor of the 
requesting module if applicable (Lipkin, column 7 lines 1-4, 28-42, Figure 1 Items 112 
and 122), requesting authorization from the requesting module according to the 
authorization interface (Lipkin, column 7 lines 1-4), receiving authorization data in 
response to the requesting authorization (Lipkin, column 7 lines 1-4, 28-42), determining 
whether the certificate authorizes processing in response to the request (Lipkin, column 
7 lines 35-39), and processing according to programming of the adjunct program 
module in response to the request upon a condition in which the certificate authorizes 
processing in response to the request (Lipkin, column 7 lines 47-53 and lines 4-6). 

14. With regards to claims 15, 40, 52, and 65, Lipkin teaches the verifying of the 
signature of the certificate by a certificate authority (Lipkin, column 7 lines 31-42). 

15. With regards to claim 3, 14, 16, 28, 41, 53, and 66, Lipkin teaches the 
determining that the requesting module owns the certificate (Lipkin, column 7 lines 22- 
33). 

1 6. With regards to claims 1 1 , 24, 36, 49, 61 and 74, Lipkin teaches the determining 
that the certificate includes data specifying one or more types of actions permitted by 
the certificate (Lipkin, column 5 lines 27-53, column 6 lines 5-10) and determining that 
the one or more types of actions includes at least one type of action associated with 
processing to be performed in response to the request (Lipkin, column 7 lines 29-38 and 
50-53). 
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Claim Rejections - 35 USC § 103 

17. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

18. Claims 2 and 26-27 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Lipkin et al US Patent No. 6,138,235 in view of Koehler US Patent No. 6,301 ,658. 
Koehler describes a method of authenticating digital certificates issued by an 
authentication hierarchy. 

19. With regards to claim 2 and 27, Lipkin fails to teach the authorizing of processing 
including determining whether the certificate has expired. Koehler teaches the 
authorizing of processing including determining whether the certificate has expired 
(Koehler, column 6 lines 9-30). At the time the invention was made, it would have been 
obvious to a person of ordinary skill in the art to utilize Koehler's method of determining 
certificate expiration because it offers the advantage of allowing an authentication 
system to easily removed expired certificates and allow replacement with newer 
certificates (Koehler, column 3 lines 22-33). 

20. With regards to claims 12 and 26, Lipkin teaches all that is described above in 
regards to claim 1 , but fails to teach the certificate including an owner field that identifies 
the owner of the certificate. Koehler teaches teach the certificate including an owner 
field that identifies the owner of the certificate (Koehler, column 6 line 66 - column 7 line 
8). At the time the invention was made, it would have been obvious to a person of 
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ordinary skill in the art to utilize Koehler's method including an owner field in a certificate 
because it offers the advantage of allowing verification of the owner of a certificate by 
verifying that their certificate corresponds to their private key public key pair (Koehler, 
column 2 lines 5-15). 

21 . Claims 4-7, 1 0, 1 7-20, 23, 29-32, 35, 42-45, 48, 54-57, 60, 67-70, and 73 are 
rejected under 35 U.S.C. 103(a) as being unpatentable over Lipkin et al US Patent No. 
6,138,235 in view of Butt et al US Patent No. 6,754,829. Butt discloses a certificate 
based authentication system for heterogeneous environments. 

22. With regards to claims 4,17, 29, 42, 54, and 67, Lipkin fails to disclose the 
sending of test data and receiving a response. Butt teaches the sending of test data to 
the requesting module and the receiving of response data from the requesting module 
wherein the response data is derived from the test data in a manner that requires 
ownership of the certificate (Butt, column 6 lines 49-67). At the time the invention was 
made, it would have been obvious to a person of ordinary skill in the art to utilize Butt's 
method of sending test data with Lipkin's system of controlling access to modules 
because it offers the advantage of providing a method of proving that a certificate owner 
has the private key of the certificate pair (Butt, column 6 lines 56-59) thus allowing 
authentication of a certificate owner (Butt, column 6 lines 49-53). 

23. With regards to claims 5, 7, 18, 20, 30, 32, 43, 45, 55, 57, 68, and 70, Lipkin as 
modified teaches the response data being derived from the test data in a manner that 
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requires access to a private key that is associated with the certificate (Butt, column 6 
lines 56-62). 

24. With regards to claims 6, 19, 31 , 44, 56, and 69, Lipkin as modified teaches the 
response data including a cryptographic signature of the test data (Butt, column 6 lines 
59-62). 

25. With regards to claims 10, 23, 35, 48, 60, and 73, Lipkin as modified teaches 
generating the test data randomly (Butt, column 6 lines 59-62). 

26. Claims 12, 25, 37, 50, 62, and 75 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Lipkin et al US Patent No. 6,138,235. Lipkin fails to teach the 
module being a module in a dynamic link library. Examiner takes official notice that 
dynamic link libraries are well known in the art as a method of packaging modules and 
thus at the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to use dynamic link libraries as modules. 

27. Claims 8-9, 21-22, 33-34, 46-47, 58-59, and 71-72 rejected under 35 

U.S.C. 103(a) as being unpatentable over Lipkin et al US Patent No. 6,138,235 and Butt 
et al US Patent No. 6,754,829 as applied to claims 7, 20, 32, 45, 57, and 70 above, and 
further in view of Davis et al US Patent No. 6,088,450. Davis discloses an 
authentication system based on periodic challenge/response. 

28. With regards to claims 8-9, 21-22, 33-34, 46-47, 58-59, and 71-72, Lipkin as 
modified fails to teach the encrypting of test data using the public key of the certificate 
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and the response data being decrypted from the test data. Davis teaches the 
encrypting of test data using the public key of the certificate and the response data 
being decrypted from the test data (Davis, column 6 line 66 - column 7 line 10). At the 
time the invention was made, it would have been obvious to a person of ordinary skill in 
the art to utilize Davis' challenge/response method with Lipkin as modified because it 
offers the advantage of providing a method of verifying the authenticity of a remote 
entity (Davis, column 2 lines 50-58). 

29. Claims 51, 63, and 78-79 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Lipkin et al US Patent No. 6,138,235 in view of Devine et al US 
Patent No. 6,598,167. 

30. With regards to claims 51 and 63, Lipkin teaches all that is described above in 
regards to claim 13, but fails to teach a requesting module receiving its request from a 
prior requestor module. Devine teaches a requesting module receiving its request from 
a prior requestor module (Devine, column 8 line 61 to column 9 line 37, Figure 9 
Customer 10 to Web Server 24 to Fulfilling Servers 40). At the time the invention was 
made, it would have been obvious to a person of ordinary skill in the art to utilize 
Devine's method of using proxy interface modules between the original requestor and 
the fulfilling module with Lipkin's system of controlling access to modules because it 
offers the advantage of increasing the overall system security and reducing the number 
of interfaces (Devine, column 9 line 32-37). 
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31 . With regards to claims 78-79, Lipkin as modified teaches each of the requesting 
modules and prior requestor modules, including the originating prior requestor module, 
includes an authorization provider adapted so that the behavior of the authorization 
providers can be modified without requiring modification to other elements of the 
respective requesting and prior requestor modules (Devine, column 9 lines 38-42, 10- 
18, Figure 9 Item 24 validates, Item 26 verifies). 

Allowable Subject Matter 

32. Claims 76-77 are objected to as being dependent upon a rejected base claim, 
but would be allowable if rewritten in independent form including all of the limitations of 
the base claim and any intervening claims. 

33. The following is a statement of reasons for the indication of allowable subject 
matter: The cited claim provides the unique limitation of "an authorization provider of an 
intermediary prior requestor module requires authority verification by an authorization 
verifier of the originating prior requestor module as a prerequisite to providing the 
authorization data to an authorization verifier of the adjunct computer module." 

Conclusion 



34. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Andrew L Nalven whose telephone number is 571 272 
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3839. The examiner can normally be reached on Monday - Thursday 8-6, Alternate 
Fridays. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory Morse can be reached on 571 272 3838. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



Andrew Nalven 




GREGORY MQRSE 
SUPERVISORY PATENT BCMER 
TECHNOLOGY GBC^.iCO 



